Configuration Examples For Asa Clustering - Cisco ASA Series Cli Configuration Manual

Software version 9.0 for the services module

Hide thumbs Also See for ASA Series:

Configuration manual (429 pages)

Getting started (31 pages)

Mount and connect (12 pages)

Table of Contents

Configuration Examples for ASA Clustering

ESP outside: 10.1.227.1/53744 NP Identity Ifc: 10.1.226.1/30604, , flags c, idle 0s,

uptime 1m21s, timeout 30s, bytes 7544, cluster sent/rcvd bytes 0/0, owners (0,255) Traffic

received at interface outside Locally received: 7544 (93 byte/s) Traffic received at

interface NP Identity Ifc Locally received: 0 (0 byte/s) UDP outside: 10.1.227.1/500 NP

Identity Ifc: 10.1.226.1/500, flags -c, idle 1m22s, uptime 1m22s, timeout 2m0s, bytes

1580, cluster sent/rcvd bytes 0/0, cluster sent/rcvd total bytes 0/0, owners (0,255)

Traffic received at interface outside Locally received: 864 (10 byte/s) Traffic received

at interface NP Identity Ifc Locally received: 716 (8 byte/s)

Configuration Examples for ASA Clustering

Sample ASA and Switch Configuration

The following sample configurations connect the following interfaces between the ASA and the switch:

ASA Interface

GigabitEthernet 0/2

GigabitEthernet 0/3

GigabitEthernet 0/4

GigabitEthernet 0/5

ASA Configuration

Interface Mode on Each Unit

cluster interface-mode spanned force

Cisco ASA Series CLI Configuration Guide

D - DNS, d - dump, E - outside back connection, F - outside FIN, f - inside

G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data,

i - incomplete, J - GTP, j - GTP data, K - GTP t3-response

k - Skinny media, M - SMTP data, m - SIP media, n - GUP

O - outbound data, P - inside back connection, p - Phone-proxy TFTP

q - SQL*Net data, R - outside acknowledged FIN,

R - UDP SUNRPC, r - inside acknowledged FIN, S - awaiting inside SYN,

s - awaiting outside SYN, T - SIP, t - SIP transient, U - up,

V - VPN orphan, W - WAAS,

X - inspected by service module,

x - per session, Y - director stub flow, y - backup stub flow,

Z - Scansafe redirection, z - forwarding stub flow

Sample ASA and Switch Configuration, page 1-56

Firewall on a Stick, page 1-59

Traffic Segregation, page 1-61

Redundant Interface (PBR or ECMP), page 1-63

Spanned EtherChannel With Backup Links, page 1-65

Switch Interface

GigabitEthernet 1/0/15

GigabitEthernet 1/0/16

GigabitEthernet 1/0/17

GigabitEthernet 1/0/18

ASA Configuration, page 1-56

IOS Switch Configuration, page 1-58

Configuring a Cluster of ASAs

Show Quick Links

Chapters

Table of Contents

Troubleshooting

Configuration Examples For Asa Clustering - Cisco ASA Series Cli Configuration Manual

Configuration Examples for ASA Clustering

Hide quick links:

Chapters

Troubleshooting

Related Manuals for Cisco ASA Series

Related Content for Cisco ASA Series

This manual is also suitable for:

Table of Contents